<?php
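require dirname(__FILE__) . '/../lib/init.php';

/*
 * News administration endpoint. Dispatches on the POSTed "useraction" value:
 *   NEWSADD  - insert a news row, optionally with an uploaded image
 *   NEWSEDIT - update the row identified by "oid", optionally replacing its image
 *   NEWSDEL  - delete the rows listed in "oid[]" together with their image files
 * The result of the $db call (or an error message) is echoed to the client.
 *
 * NOTE(review): no authentication, authorization or CSRF check is visible in
 * this file (the session lookup below is commented out). Confirm that
 * lib/init.php enforces an authenticated admin session before this code runs;
 * otherwise any client can create, modify and delete news and upload files.
 *
 * NOTE(review): all POST values are only passed through addslashes_deep().
 * addslashes-style escaping depends on the connection charset and does not
 * protect values used in a numeric SQL context. How $db->insert()/update()
 * build their SQL is not visible here; prefer parameterized queries in the
 * wrapper if it does not already use them.
 */

/**
 * Read one POST field without raising an "undefined index" notice.
 *
 * @param string $key Field name.
 * @return mixed The submitted value, or null when the field is absent.
 */
function news_post_field($key)
{
	return isset($_POST[$key]) ? $_POST[$key] : null;
}

/**
 * Validate an uploaded news image and move it into the upload directory.
 *
 * The client-supplied MIME type is not consulted: it is attacker-controlled,
 * and the previous test (`stripos(...) < 0`) could never be true, so nothing
 * was ever rejected. The file is accepted only when its extension is on an
 * allowlist AND its content is recognised as one of the matching image types.
 *
 * @param array  $file      One entry of $_FILES.
 * @param string $uploaddir Destination directory, with trailing slash.
 * @param string $stamp     Timestamp string handed to get_random_name().
 * @return array array('name' => stored file name or null, 'error' => message or null)
 */
function news_store_uploaded_image($file, $uploaddir, $stamp)
{
	// Message text (zh): "The product image format is incorrect!"
	$bad_format = array('name' => null, 'error' => "产品图像格式不对！");
	// Message text (zh): "Image upload failed!"
	$failed = array('name' => null, 'error' => "图片上传失败！");

	if (! is_array($file)
		|| ! isset($file['name'], $file['tmp_name'])
		|| ! is_string($file['name'])
		|| ! is_string($file['tmp_name'])) {
		return $bad_format;
	}

	// Extension allowlist: stops script files (e.g. *.php) from landing in a
	// web-reachable directory. Checked on the original UTF-8 name, before any
	// charset conversion.
	// NOTE(review): assumes get_random_name() keeps the extension of the name
	// it is given - confirm against its definition.
	$allowed_extensions = array('jpg', 'jpeg', 'png', 'gif', 'bmp');
	$extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
	if (! in_array($extension, $allowed_extensions, true)) {
		return $bad_format;
	}

	// Content check on the server-side temp file. "@" only hides the notice
	// emitted for unreadable/corrupt data; the return value is checked.
	// A crafted file can still pass this check, so script execution should
	// also be disabled for the upload directory in the web server config.
	$allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG, IMAGETYPE_BMP);
	$image_info = @getimagesize($file['tmp_name']);
	if ($image_info === false || ! in_array($image_info[2], $allowed_types, true)) {
		return $bad_format;
	}

	// Same name transformation as before (escape, then UTF-8 -> GBK).
	$client_name = iconv("utf-8", "gbk//IGNORE", addslashes($file['name']));
	if ($client_name === false) {
		return $failed;
	}

	// Move straight to the generated name. The old code first wrote the file
	// under its client-chosen name and renamed it afterwards, which let an
	// upload overwrite (and then rename away) any existing file of that name.
	$stored_name = get_random_name($stamp, $client_name);
	if (! @move_uploaded_file($file['tmp_name'], $uploaddir . $stored_name)) {
		// Do not record an image name in the database for a file that was not saved.
		return $failed;
	}

	return array('name' => $stored_name, 'error' => null);
}

$_POST = addslashes_deep($_POST);
//$uid = $_SESSION ["USERID"];
$userdo = news_post_field('useraction');
$table = "kt_newst";
$curdate = date("Y-m-d H:i:s");
// NOTE(review): "h" is the 12-hour clock; "H" was probably intended. Left
// unchanged because the value only seeds get_random_name().
$curdates = date("Ymdhis");
$uploaddir = "../../upload/news/";
global $db;

if ($userdo === "NEWSADD" || $userdo === "NEWSEDIT") {
	$is_add = ($userdo === "NEWSADD");
	$data = array(
		'news_title' => news_post_field('news_title'),
	);

	// Upload errors other than UPLOAD_ERR_OK are treated as "no image sent",
	// as in the original code.
	if (! empty($_FILES['news_image']) && $_FILES['news_image']['error'] === UPLOAD_ERR_OK) {
		$stored = news_store_uploaded_image($_FILES['news_image'], $uploaddir, $curdates);
		if ($stored['error'] !== null) {
			echo $stored['error'];
			return;
		}
		$data['news_image'] = $stored['name'];
	} elseif ($is_add) {
		// A new row always gets an image column; an edit keeps the stored one.
		$data['news_image'] = "";
	}

	$data['news_content'] = news_post_field('news_content');
	$data['news_date'] = news_post_field('news_date');
	$data['news_showtype'] = news_post_field('news_showtype');
	$data['createtime'] = $curdate;

	if ($is_add) {
		echo $db->insert($table, $data);
	} else {
		// NOTE(review): "oid" reaches $db->update() with only addslashes
		// applied. If update() places it in SQL as a number, cast it with
		// intval() first - confirm what the wrapper expects.
		echo $db->update($table, $data, news_post_field('oid'));
	}
} elseif ($userdo === "NEWSDEL") {
	// Accept a single id or a list; every id is forced to an integer before
	// it is placed in the SQL text.
	$oid = isset($_POST['oid']) ? (array) $_POST['oid'] : array();
	$oid = array_map("intval", $oid);
	if (empty($oid)) {
		// Nothing selected: "oid IN ()" would be invalid SQL.
		return;
	}

	$where = 'oid IN (' . implode(', ', $oid) . ')';
	$query = "SELECT * FROM $table WHERE " . $where;
	$res = $db->get_results($query);

	if (is_array($res)) {
		foreach ($res as $resobj) {
			$image_name = isset($resobj["news_image"]) ? (string) $resobj["news_image"] : '';
			if ($image_name === '') {
				// Rows without an image would otherwise point at the directory itself.
				continue;
			}
			$imgfile = $uploaddir . $image_name;
			if (is_file($imgfile)) {
				@unlink($imgfile);
			}
		}
	}

	echo $db->delete($table, $where);
}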

 